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ABSTRACT 


The Discrete Logarithm Problem (DLP) is a fundamental cryptographic primitive. 
The DLP is defined for any cyclic group, specifically finite fields, whether the integers 
modulo a prime p or a polynomial field of characteristic p modulo some irreducible poly- 
nomial f (2). For polynomial fields over a finite field, also known as Galois fields, the DLP 
can be viewed as finding a solution to the equation 1 + x’ = 2/ for arbitrary values of 7 
(modulo some primitive polynomial). Solutions are (relatively) easy to find for trinomials 
and these would be the easiest polynomials to implement in hardware. However, primitive 
trinomials do not exist for all degrees. 

Primitive polynomials are irreducible polynomials with an associated primitive root 
qa that is a generator of the multiplicative group. Thus the generator a generates all nonzero 
2” — 1 elements of a Galois field whose base field is the integers modulo two. Primitive 
polynomials over the field of two elements, or GF'(2), have important applications in cryp- 
tology and coding theory. 

This thesis investigates properties of polynomials with more than three terms where 
all but one term is a row of Pascal’s triangle modulo two. In other words we define a certain 
class of polynomials by f(a) = x” + p(x), where p(x) is a row of Pascal’s triangle modulo 
two. This thesis shows that some of these polynomials, which are not trinomials, also 
have “easy” solutions. We observe that for a polynomial to have an associated primitive 
element, there are definite restrictions on the degree of the polynomial using particular rows 
of Pascal’s triangle. 
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I. INTRODUCTION 


Digital communications are now commonplace, if not essential, in our day to day 
lives. The average user takes for granted the inner workings of their computer systems. 
One feature in particular is random-number generation, which computer software systems 
utilize in cryptographic library files. The simplest and most efficient method for random- 
number generation is via a maximum period Linear-Feedback Shift Register (LFSR). The 
authoritative source on the topic is Shift Register Sequences by Solomon W. Golomb [1]. 
These pseudo-random sequences, also called m-sequences, have the needed randomness 
properties of balance, runs, and correlation. Applications of LFSR’s range from stream 
ciphers to scrambling sequences used by cable television, satellite communications and 
cell-phones. Each m-sequence is uniquely determined by a primitive polynomial whose 
coefficients are elements of some prime sub-field, p. We call this subfield the Galois field 
with p elements, denoted by GF(p). We restrict our attention to the case p = 2 in this 
thesis. These polynomials are useful for a wide variety of applications such as random- 
number generators, stream ciphers, and linear code generators. 

Specifically, primitive polynomials are essential to Error Checking and Correcting 
(ECC) Hamming Codes and the Advanced Encryption System (AES) [2]. One area of 
particular interest to the Cryptologic and Coding communities is the Discrete Logarithm 
Problem (DLP) [3]. While logarithms are straightforward to find over the real numbers, the 
DLP looks for solutions to the following equation modulo some polynomial f(x) whose 
coefficients are taken modulo some prime p. So we define the DLP over G'F'(2”) in the 
following way; for a primitive polynomial f(x) of degree n with root a, an integer 7, and 
the relation 1 + x? = x, solve for j in a computationally feasible amount of time. This 
relation implies that the polynomial g(x) = x? + x' + 1 is a trinomial multiple of f(x), 
or that f(x) divides g(x). Because a is a cyclic generator of the multiplicative group 
G = GF(2") = {a*|0 < k < |G|}, then for every a’ in G, there exists a unique a/, 
where 7 < 7 that satisfies the above relation. The difficulty of the problem is finding a 
computationally feasible algorithm that finds 7 in terms of 2, without generating the entire 
field. One method is to compute Zech’s logarithm table for GF'(2”) [3], also referred to as 
a table of Shift-and-Add (SAA) pairs [4]. 


If we have a primitive polynomial of degree n over G'F'(2) with only three terms, 
then the polynomial itself defines an entry in the SAA table. The occurrence of primitive 
trinomials for an arbitrary degree n is infrequent but a great amount of research exists on 
primitive trinomials [5, 6, 7]. Primitive pentanomials are more pervasive than primitive 
trinomials. Thus we investigate pentanomials and higher term polynomials of the form 
f(x) = «" + p(x), where p(x) is a row of Pascal’s triangle modulo two. The motivation 
for requiring that p(x) be a row of Pascal’s triangle is that for such polynomials, p(x) = 
(x+1)*, where k is the particular row of Pascal’s triangle with the coefficients taken modulo 
two. So we can rewrite f(a) as x” + (2 + 1)*, which appears to provide a possible SAA 


pair. As an example, consider the primitive polynomial f(z) = 2° + 73 +27?+2+1 





of degree 7 over GF'(2) with root a. We can rewrite the equation in the desired form 
f(x) = a2" + (x + 1)°. If f(x) is primitive, which in this case we know to be true, then we 


! — q° = 1, which follows from the 


can manipulate the equation using the fact that a?"— 
fact that a is a cyclic generator of the multiplicative group with a period of 2’—1 = 127. So 
if we can find a = 37! (mod 127), then we would find the first SAA pair. Since 37! = 85 


(mod 127), we find the solution to the SAA pair by 


(a an ee = ix" (mod 127) 


qh ay? X85 (mod 127) _ ae” 


Thus (1,87) is a SAA pair that corresponds to the exponents a? + at = a®’, and f(x) 
divides the polynomial x°’ + x + 1. This provides a step toward a solution to a specific 
DLP in the field GF'(2”) characterized by the specific polynomial f(z). 

This thesis investigates properties of polynomials of the form f(x) = x" + p(x). 
We define minimal conditions that the polynomial must satisfy if it is to be primitive. We 
also define these polynomials as row k Pascal polynomials, where k is the corresponding 
row of Pascal’s triangle. Chapter II provides the necessary background in Number Theory, 
Group Theory, Field Theory, and Galois Theory. The reader versed in these areas may wish 
to skip directly to the problem statement beginning in Chapter III. 


Il. BACKGROUND AND REVIEW 


Before beginning a discussion of the problem we investigate, we present some basic 
definitions and theorems. This information is available in any standard algebra text, such as 
Beachy and Blair’s Abstract Algebra [8], or number theory text, such as Rosen’s Elemen- 
tary Number Theory [9]. When discussing groups and fields, it should be understood that 
this paper is only concerned with finite fields. It is also assumed that the reader is familiar 


with common mathematical, logical, and set notation. 
A. NUMBER THEORY 


An integer a is called a multiple of a non-negative integer b if a = bq for some 
integer g. We also say that b is a divisor, or factor of a denoted by bla [8]. Given two 
integers a and b, not both 0, there exists a positive integer d such that: (i) d is a divisor 
of both a and 5, and (ii) any divisor of both a and b is also a divisor of d. This greatest 
common divisor of a and b is denoted by gcd(a, b) or simply (a,b). If (a,b) = 1, then a 
and b are said to be relatively prime. If p is a prime number then (a, p) = 1 for all positive 
integers a less than p [8, 9]. 

With the notion of divisibility, it is useful to define a relationship among integers 
with equal remainders when divided by an integer n. For any positive integer n, the integers 
a and b are congruent modulo n if they have the same remainder when divided by n. 
Congruence is denoted by writing a = b (mod n). An immediate consequence of this 
definition is that two integers a and b are congruent modulo n if and only if n divides their 
difference a — b, denoted n|(a — b) => a = b(modn) [8, 9]. Also, if n divides a then a 
is congruent to zero modulo n. 

Every integer has at least two factors, itself and one. If an integer is prime, then 
these are its only factors. If an integer has factors other than itself and one, then we can 
further decompose these factors into smaller factors until we have a prime factorization of 
the integer. The Fundamental Theorem of Arithmetic states that every integer is uniquely 
expressible as a product of its prime factors. Given a positive integer n, let the prime 
factorization of n be denoted by 


k 
= oF) 
n= |] p;'. 
i=1 


Euler’s Totient Function, commonly referred to as Euler’s Phi Function [8, 9] gives the 
number of integers less than or equal to n which are relatively prime to n, and is denoted 


by 
k 


o(n) =] (1 = =) =|] @* - pt”). 


i=1 

Euler’s Theorem provides a useful relationship between the congruences of an integer n 
and the Phi Function. If a and n are integers relatively prime to each other, then a? = 1 
(mod n) [8, 9]. A corollary to Euler’s Theorem provides a simple proof of Fermat’s Little 


Theorem. If p is a prime, then for any integer a relatively prime to p, 


a?-'=1 (mod p), 
a’-'—1=0 (mod p) 


P 


a’ =a _ (mod p), evenifa =0. 


This last congruence holds even if (a,p) = p [8, 9]. Since this thesis investigates the 
properties of polynomials based upon Pascal’s triangle, we now define how Pascal’s triangle 
is derived from the next few definitions and identities. Given two non-negative integers n 


and 7, the binomial coefficient (") (read ““n choose 2”) is defined by 


Olen 


for all i such that 0 < i <n. Otherwise (") is equal to zero [9]. Pascal’s Identity defines a 


recurrence between binomial coefficients. Let n and 2 be positive integers with n > 2, then 


(=p +053) Bt 


The Pascal triangle is a table of the binomial coefficients where (") is the (i + 1)* 
number in the (n + 1)* row. The first eight rows of Pascal’s triangle are listed in Figure | 
[9]: 

Note that the exterior numbers in the triangle are all ones and the number of terms in 
each row is equal to one more than the row number. To find an interior number, simply add 
the two numbers in the positions above and to the left and right of the position being filled 
(as in the shaded figure above). By Pascal’s Identity, this yields the appropriate integer [9]. 


i 
2 
6 


1 
) 
4 
10 1 
20 


Figure 1. Pascal’s triangle 


| 

a" 
on “Bo 
1 0 1 
a i 


Later we want to observe the rows of Pascal’s triangle modulo two. Figure 2 shows 
the coefficients reduced modulo two. 


gl 
oo 
oo on 
ao 
if a,” af, i 
oon EOooo 


Figure 2. Pascal’s triangle modulo two 


Again, the exterior numbers in the triangle are all 1 and the number of terms in each row 
equal one more than the row number. To find an interior number, again add the two numbers 
in the positions above and to the left and right of the position being filled reducing the 
sum modulo two. Otherwise, we could compute the standard Pascal triangle and reduce 
each of the entries modulo two when we arrive at the desired row. Considering memory 
and computational requirements, the second method is not as efficient as the first where 
reduction is performed at each row. In fact the Exclusive OR operation replaces the addition 
and reduction modulo two with one logical gate. 

Pascal’s Identity and Pascal’s triangle combine to form the Binomial Theorem for 
polynomials. We provide a short combinatorial proof of the Binomial Theorem. The in- 
ductive proof can be found in Rosen’s Number Theory text [9]. 


Theorem II.1 (Binomial Theorem): Given two real numbers a and b and any 
positive integer n, then 
n a 
b nr —_ be 
(eto = > ("Je 


Proof (Binomial Theorem). Consider how to get a term of the form a”~‘b' from the product 
of n terms of the form (a + b): 


(a +b)” =(a+b)(a+b)---(a+0). 


We could choose the b’s from any i number of the n factors. There are (n — 7) factors 
remaining to choose the a’s from. The number of ways to choose 7 objects from a collection 
of n objects without replacement, where order is not important, is simply ae Thus, each 
a”~‘b' term has coefficient (""), which completes the proof. 














B. GROUP THEORY 


A group is defined as a set of elements G with an associated binary operation * on 
the elements of G and is denoted by |G, «]. However, we will abuse this notation by writing 
G to indicate the group, only if the operation is understood from the context. The group 
satisfies the following conditions [8]: 

Closure: For all a,b € G,a* b =c for some c € G. 

Associativity: For all a,b,c € G,ax* (b*c) = (a*b) ¥* ©. 

Identity: There exists e € G, such that for alla € G,axe =exa=a. 

Inverses: For all a € G, there exists a~! € G,such thata xa7~' = a7! *a=e. 
Furthermore, because the groups we are investigating are associated with a field, they also 
satisfy the commutative property and are referred to as abelian groups [8]. 

Commutativity: For alla,b € G,axb=bxa. 

A group G is said to be a finite group if the set G has a finite number of elements. In this 
case, the number of elements is called the order of G, denoted by #G or |G| [8]. 

An example of a group is the set of congruence classes of the integers modulo n 
under addition modulo n. Given a positive integer n, we denote the congruence classes by 
[a],, which is the set of all integers congruent to a modulo n. The set of congruence classes 


of n is denoted by 


Ln = {[0n, Le [2]n, e585 [n _ 2)n [n _ Las 


This set forms a group under addition where [a], + [b], = [a + 6], and is denoted G,, = 
[Gn, +] [8]. 

Let G be a group and a be any element of G, then the set (a) = {7 € Gla = 
a’, for alli € Z} is called the cyclic subgroup generated by a. The group G is called 
a cyclic group if there exists an element a in G' such that G = (a). In this case a is 
called a generator of G and the successive powers of a generate every element of the group 
[8]. Furthermore, if n is a prime p, then the set GF = G, — {[0],} forms a group under 
multiplication modulo n. Note the necessary requirement to remove the zero class because 
zero has no inverse under multiplication. An important characteristic of the integers modulo 
a prime p is that every such group is a cyclic group. If p > 2, then the group has at least 


two generators. 


C. FIELD THEORY 


A field is a set of elements F' together with the two binary operations + and * on F’ 
and is denoted by F' = |F,+, *|. A field satisfies the following conditions [8]: 

Addition: The set F' is an abelian group under addition with identity zero. 

Multiplication: The set /' — {0} is an abelian group under multiplication with 
nonzero identity one. 

Distributive: For all a,b,c € F,a* (b+c) =(a*b)+(axc). 
If the set F is finite, then the field F is a finite field. If F is a finite field, the multiplicative 
group is cyclic. Since it forms the foundation as the base field for our further discussion, 
we now provide the operation tables for the integers modulo two, also called the Galois 


Field of two elements, as an example. 






























































+|/0} 1 * | 0] 1 
00) 1 0 || 0 
1] 1140 1|}0) 1 
Table II.1 Addition in GF'(2) Table II.2 Multiplication in G'F'(2) 


The next section describes Galois Fields in greater detail, but we provide a quick 
definition here to clarify our notation. A Galois Field is any finite field with a prime, or a 


power of a prime, order. Galois Field’s are denoted in several ways, to include the following 











notations; GF'(p”), Fn, and G'F'(p)[a]/ (f(a)) (where f is a polynomial that generates the 





field, which we further explain in the following section) are the most common notations. 


We predominantly use the first notation throughout this paper. Therefore, GF'(2) is the 
field with only two elements, namely {0,1}. Thus, G'F'(2”) is the polynomial field whose 
variable coefficients are contained in the subfield G'F'(2). We now provide more rigorous 
definitions of these terms. 

Let F be a field. If a), a) 1,...,@1,@) © F (where n is a non-negative integer), 
then any expression of the form a,x” + an_1v* | ++-++a,2 + ag is called a polynomial 
over F in the indeterminate x with coefficients a,,,@,_1,...,@ 9. We also call F' the base 
field or ground field. The subscript 7 of the coefficient a; is called the index [8]. If n is 
the largest non-negative index such that a, # 0, then we say that the polynomial f(x) = 
Anx" +--+ + a,x + ao has degree n, written deg(f(x)) = n, and a,, is called the leading 
coefficient of f(x). If the leading coefficient of f(x) is one, then f(x) is said to be a monic 
polynomial. The set of all polynomials with coefficients in F' is denoted by F'[z] [8]. An 
element c is called a root of f(x) if f(c) = 0 [8]. While it is possible for a polynomial to 
have a root in its base field F’, it is not necessary. In fact f(a) may have no roots in its base 
field. In this case, all of the roots of f(x) exist in some extension field which we define 
shortly. 

Similar to the division algorithm for the integers, we can define a division algorithm 
for polynomials. For any polynomials f(x) and g(x) in Fz], with g(x) 0, there exist 
unique polynomials g(x),r(x) € Fx] such that f(7) = q(x)g(x) + r(x) where either 
deg(r(x)) < deg(g(x)) or r(x) = O (See [8] p.163 for a proof). Just as the division 
algorithm in N has a polynomial counterpart, so does the concept of congruences. Let F’ be 
a field, and p(x) be a fixed polynomial over F’. If a(a), b(x) € F, then we say that a(x) and 
(a(x) — O(a). 
The set {b(x) € Fla]la(x) = b(x) (mod p(x))} is called the congruence class of a(x), 
and is denoted by [a()],2). The set of all congruence classes modulo p(x) is denoted by 
Fle /(p(w)) (8) 


A non-constant polynomial is said to be irreducible over the field F if it can- 


b(x) are congruent modulo p(x), written a(x) = b(x) (mod p(z)), if p(x) 


not be factored in F'|x] into a product of polynomials of only lower degree. It is said 
to be reducible over F' if such a factorization exists [8]. The base field F’ of a polyno- 
mial field F'|x] can be either an infinite or finite field. Throughout this thesis we con- 
sider the base field GF'(2). As an example of reducibility, we define the polynomials 
fiz), fo(x), n(x), go(z) € Fla], where fi(z) = 2? +1, folx) = 2? +241, n(x) =2, 
go(x) = x +1. Note that f; (x) has the factorization x? +1 = (x+1)(x+1) =(@4+1)? = 
(go(x))?, and so f(x) is reducible. But since g,(x) and g2(x) (which are the only degree 


one polynomials in GF'(2)) do not divide f2(a) exactly, fo(x) is irreducible. By the Fun- 
damental Theorem of Algebra, every polynomial of degree n has n roots. If all of the 
factors of a polynomial are not linear over the base field, then its roots must exist in some 
larger field. This suggests the concept of an extension field, but first we provide a familiar 


example. 











The polynomial x? + 1 has no roots in the field R of real numbers. However, we 














obtain a root by introducing the element i for which i? = —1 and adjoining it to the field R. 





This leads to the definition of the field of complex numbers, denoted by C, which contains 














elements of the form a +73, where a and (@ are elements of R. In a similar manner, we can 
construct larger fields in which any polynomial, over any field, has a root. To accomplish 
this we use congruence classes of polynomials [8]. Let & and F' be fields. If F’ is a subset 
of £ and is closed under the operations of addition and multiplication defined for F, then F’ 
is called a subfield of E, and E is called an extension field of F [8]. Let F' be an extension 
field of the field A’. If the dimension of F’ as a vector space over K is finite, then F’ is said 
to be a finite extension of K [8]. 

Let K be a field and let f(x) = a,v" +--+ ao be a polynomial in K |x] irreducible 
over KX. If F' is an extension field of A’, then F is a splitting field for f(x) over K if there 
exist elements 71,72,...,7, in F' such that f(x) = a,(% — r1)(a — r2)...(a — rp), and 
F = K(ri,ra,...,1n). The elements r1,72,..., 17 are roots of f(x), and so F is obtained 
by adjoining to K a complete set of the roots of f(a). We say that f(a) splits over the field 
if E contains the splitting field of F’ [8]. 


D. GALOIS THEORY 


We now have the necessary definitions and theorems to define a Galois field. If p 
is any prime and k is any integer, there exists a unique finite field of order p*. This field is 
called the Galois field of order p* and is denoted by GF(p*) [8]. The characteristic of a 
Galois field is defined by the order of the base field, namely p. Because of its applications 
in electronic data systems, we are interested in Galois fields of characteristic two denoted 
by GF(2). 

Given an irreducible polynomial f(x) of degree n over GF'(2) with the complex 
root a, then a is a primitive element of f(x) if and only if a is a multiplicative generator of 
all nonzero elements of GF'(2”). Moreover, f (2) is defined to be a primitive polynomial if 


f(x) has an associated root a which is a primitive element. Then the powers of a’, where 


i € {0,1,2,...,2" — 2}, are all distinct elements when reduced modulo f(z) and modulo 
two. The set of elements generated by f() is defined as GF'(2") = oer = {a'li € 
Zjn_,}, Where n = deg(f(x)). These elements comprise the splitting field of f(x) over 
GF(2"), where addition and multiplication are well defined. 

Although the primitive element a is a multiplicative generator for GF'(2"), a does 
not provide a relationship of the elements under addition. Our motivation for this thesis is 
to search for polynomials that provide insight into the relationship between addition and 
multiplication in certain representations of GF(2”). The additive properties of each a’ is 
fundamentally the Discrete Logarithm Problem as presented in Chapter I. 

If a polynomial of degree n is primitive, that polynomial is said to generate all the 
nonzero elements of the field. However each element a’ in GF'(2”) is uniquely expressible 
as a linear combination of elements of the set P = {a°,a',a?,a°,...a”~'}, where P 
is referred to as a polynomial basis of GF'(2"). That is to say, if we consider only the 
coefficients of an element of G'F'(2”), we can represent the coefficients as a vector of length 
n. For example, if a primitive polynomial has degree three, the element 27 = x? + z is 
annotated as the vector[1 1 0] and the element x* = x + 1 is associated to the vector 
[0 1 1]. Soa primitive polynomial of degree three generates all possible binary 3-long 
vectors, or 3-tuples, except for the all zeros vector. Since the entries in the vector are either 
zero or one, as defined by the base field G'F'(2), there are 2” — 1 nonzero elements in the 
field. 





























i lla? lae]l 
0; 0/0) 1 
1; 0)1/0 
2\ 1)0/0 
3/ 0);1/)1 
4} 1)1]0 
5] 1 | 1} 1 
6/ 1);0/)1 























Table II.3 Multiplicative group generated by f(r) = 2? +2+1 


Consider the primitive polynomial f(z) = x? + x2 +1 over GF(2). This poly- 
nomial has no roots in the base field , but the adjoined root a in the extension field gives 
f(a) = a2 +a+1 = 0. Subsequent powers of a generate all possible 3-tuples in an 
order determined modulo the polynomial and the coefficients modulo two. Without loss 


of generality, we shall express the elements of the field using the indeterminate variable x 


10 


rather than the root a. Table II.3 lists the nonzero elements of the field generated as powers 
of a represented by x’ = ayv? +a ,x+ <a. The first column, i, is the power of the generator, 
while the remaining columns represent the coefficient vector described above. 

Recall that a primitive polynomial with a multiplicative generator creates the mul- 
tiplicative group of all 2” — 1 nonzero elements. So the period of a primitive polynomial is 
2” — 1. If a polynomial of degree n is irreducible but not primitive, then its period is some 
divisor of 2” — 1. Since a is a primitive root of f(a) of degree n, every element of GF'(2") 
can be represented as linear combinations of the first m powers of a. The representation 
of each element is uniquely determined by f(x), as in Table II.3, and the zero element is 
represented as the all 0 vector. 

The first well known property of Galois Fields is the characteristic identity, as 
defined in the following theorem. 


k 


Theorem II.2: Given a polynomial f(x) over GF(p), then (f(x))” = f(x®"), 
which is defined as the characteristic identity of a finite field. 


n-1 


Proof. We write the function f(a) as )7j".9 a; = dn2”" + Yi) ait! = Gynt" + gi(x). It 
follows from the Binomial Theorem that 


k k 


(f(x)? = (ana” + gi(x))? 


But e) = FGF 


il(p* —1)! 


reduces to (a,")” +(gi(x))?” = (an)” (2) +(g,(x))?". By Fermat’s Little Theorem, 


= 0 (mod p) for all i except zero and p*. So the above expression 





(Gaye ea (mod p). We repeat this process for each successive term until gn—1(x) = 
k k 

a,x + ao. By the same procedure as above, (gn—1(a))” = (aiv +)? = ay(2P") + a. 

Thus (f(x))?" = eee («"") = f(x"), which completes the proof. 














There are two well known results regarding the number of primitive and irreducible 
polynomials of degree n over a finite field. The number of primitive polynomials of degree 


n is given by 
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where ¢(7) is the totient function, and the number of irreducible polynomials is 


d\n 


where j1 is the Mébius function. Also note, that if f(a) is a primitive or irreducible poly- 
nomial over GF'(2), so too is the reciprocal polynomial f*(2) = «” - f(+), where n is the 
degree of f(x). 





Theorem II.3: Jf f(x) = anv” + Gn_yx" 1 + +++ + gx? + a,x + dg is a primitive 
polynomial over GF (2), then f*(x) = apx" + aya") ++ ++ + Gyo? + An_12 + Ay, is also 
a primitive polynomial. 


Proof. It is sufficient to show a mapping from f(x) to f*(x). We show that f*(x) = 
ot f(2) 


t(2)-9 (2) ee (B) stm) ea) ee) 
os(D)e#[6() eG) ++) a) +90] 


0° type poe Gee ae aga” 











= agx” + aya"! + +++ + Gn—2t” + On + Gn = f*(2) 

















Since x” - f (> 


[Re 
ee 


f*(x), f*(x) is also a primitive polynomial, which completes the proof. 














Consider the example of f(x) = x’ + x? + x? +2 +1. Since this polynomial is 
7 





+ © + 2° + 2+ + 1. So if we find one primitive 





primitive over GF (2), soisx’- f(4) =x 
polynomial, we have actually found two. This simplifies our search for Pascal polynomials 


since we need only test half as many polynomials. 


E. TESTS FOR IRREDUCIBILITY/PRIMITIVITY 


There are primarily two methods to test a polynomial for irreducibility and two 
methods for testing primitivity. The first method for testing irreducibility and primitivity is 
called the sieving method. This requires a complete listing of all irreducible polynomials 
whose degree is half of the degree of the polynomial in question. For example, suppose a 


polynomial f(a) has degree 33. We would require a complete list of irreducible polyno- 


33-1 


5 | = 16. To then determine irreducibility, we would successively 


mials up to degree | 


i 


divide f(x) by each irreducible polynomial in our list. If any polynomial, say g(x), divides 
fa) _ 
g(a) 
polynomial f(x) to be irreducible, we assume it has an associated primitive root a which 


f(x) without a remainder, then f(a) is reducible since p(x) [1]. Once we know a 
is a generator of all 2” — 1 nonzero elements. We successively compute the powers of a 
modulo f(x) modulo two. If a? repeats any element a‘ such that 0 <i <j < 2-1, 
then f(x) is imprimitive. Note that as the degree of the polynomial increases, this method 
is very computationally expensive and therefore very undesirable. 

The second method is a nine step algorithm presented by S. E. O’Connor [10] that 
checks both irreducibility and primitivity of a polynomial over an arbitrary ground field 
GF'(p), where p is prime. This method is preferred due to computational speed and effi- 
ciency. However, since we consider only the ground field GF'(2), we can omit steps 2 and 
6 from the original algorithm. Also, since our polynomials are not randomly generated, 
we show in the beginning of Chapter 3 that Pascal polynomials have no linear factors over 
GF(2), and so we omit step 3. Furthermore, we omit the Berlekamp test for irreducibility 
as the final step will filter out any reducible polynomials that pass Step 2. Our modified 
algorithm is simplified over GF'(2) where we assume there exists an efficient algorithm 
for factoring 2” — 1. Since polynomial division is a simple shift of a bit string combined 
with a bitwise XOR operation, of which both operations are native to microprocessors, the 
most difficult step in the algorithm is factoring 2” — 1. We now present a modified and 
renumbered version of the algorithm for testing Pascal polynomials over G'F'(2). 

Step 1: Generate a new degree n monic Pascal polynomial over G'F'(2) of the form 
f(z) =2"+ (e+ 1)". 

Step 2: Check if 2?"~' = 1 (mod (f(z), 2)) and reject the polynomial as reducible 
if the equivalence is not true. 

In this step, we note that the cyclotomic polynomial c(x) = x?"~! + 1 contains as 
its roots all 2” — 1 complex roots of unity on the unit circle defined in the complex plane of 
numbers [1]. Thus any irreducible polynomial f(a) of degree n contains as its roots some 
subset of the roots of c(x) [1]. Therefore, if f(x) does not divide c(x) without remainder, 
then f(z) is reducible over GF'(2). We must still check that f(x) is not a product of smaller 
order polynomials that also divide c(x). 

Step 3: Factor r = 2” — 1, into distinct primes; r = pi... p;*. 

Step 4: Check if 7” = 1 (mod (f(x),2)), where m € {=, —,...,5-}, and reject 


pi? p2?* 
the polynomial as not primitive if any of these equivalences are true. 


13 


This step utilizes Lagrange’s Theorem which states that if S is a subgroup of a 
group G, then the order of S divides the order of G [8]. So with a complete factorization of 
r, we continue to divide f (2) into each of the cyclotomic polynomials whose degrees are a 
combination of the factors of 2” — 1. A consequence of Step 4 is that if a polynomial has 
prime degree p, such that 2? — 1 is a Mersenne prime, then all irreducible polynomials of 
degree p are in fact primitive. Since Mersenne primes are very rare among the Mersenne 
numbers, it provides us little computational efficiency to rely on this consequence and 
incorporate individual tests for irreducibility into our algorithm. In the case of randomly 
generated polynomials, a separate test for irreducibility could provide added speed to the 
algorithm. However, our polynomials have a noticeable structure and are not randomly 
generated. We expect to see a large number of these polynomials as primitive and will 
likely reach the step in O’Connor’s algorithm that factors 2” — 1, which is arguably the most 
difficult step in the algorithm. For a complete explanation of why we can omit Berlekamp’s 
Test for Irreducibility and move right to our Step 4, reference Appendix A. 

Step 5: If f(x) passes steps 1 through 4, accept it as primitive. 

As an example, consider the previous polynomial f(z) = x’ + (2 +1)? = 27 + 
x? +2? +2-+4+ 1 where c(x) = x!?’ + 1. Performing the polynomial division modulo two 
shows that f(x) divides c(x) without remainder. Since 2’ — 1 = 127 is a Mersenne prime, 
f(x) cannot have period smaller than 127 and is therefore primitive. 

So what if 2” — 1 is not a Mersenne prime? Consider these three examples of 
reducible polynomials; f,(x) = v°+a3+a?+a+1, fo(x) = °+a°+a*+2?+27+2-+1, and 
f3(z) = 2© +27 +1. Note that f; is also a Pascal polynomial where f;(x) = 2° +(x+1)°. 
However, fi, 2, and f3 are reducible having the factors f; (x) = (27 +2+1)(2++2° +1), 
fo(x) = (a3 +. 24+1)(2? + 2741), and f3(x) = (v3 + x + 1)?(which has repeated factors). 


Now let’s look at the factorization of c(x) = 2?°-! +1, 














c(t) =(@ + 1)(@? +2741)(22 +24 
i te+ 1G 22412 +24? +e 1): 








where the remaining factors of c() are the remaining irreducible sixth degree polynomials. 


Note that f; will not divide c(x), since c(z) does not have (x* +? +1) as one of its factors. 





Also note that f3 will not divide c(x), since c(x) only has (x? + x + 1) as one of its factors 
once, not twice. Thus f; and {3 would have been eliminated in Step 2. Now fo is a little 


tricky since c(x) has as its factors both of the factors of fo. So f2 will pass Step 2 since it 
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evenly divides c(x), but it will not pass Step 4. Both factors of f2 are themselves primitive 
polynomials with period 2? — 1 = 7. The period of f» is therefore the period of the least 
common multiple of the periods of its factors. So the period of f2 is seven. Step 3 shows 
the factors of 2°—1 = 63 = 3?-7. When we divide 1°? + 1 = x?! +1 by fo, the remainder 


will be zero and we reject this polynomial as primitive. 
F. LINEAR-FEEDBACK SHIFT REGISTERS 


A Linear-Feedback Shift Register, or LFSR, is an electronic hardware or software 
representation of a polynomial over GF'(2). A LFSR is a finite-state machine whose suc- 
cessive states are uniquely determined by the previous state of the register. We denote a 
state by s; and define a function 7(s;) to be the operation performed by the register where 
Si41 = Y(s;) [1]. Each successive state corresponds to a time-step of the register where the 
output of the register at each time-step 1s a single bit. A LFSR is equivalent to a polynomial 
over G'F(2) such that y(s;) = 37") a,x" = f(x) where the a,’s are the coefficients of the 
terms with degree less than n of the polynomial f(x). If a primitive polynomial is used 
to represent the operation of the register, then the resulting sequence of outputs is an m- 
sequence of full length or period. As expected, a full-length m-sequence has period 2” — 1 


where n is the degree of the primitive polynomial represented by the register. 





Figure 4. Galois LFSR for f(z) = 2! +2? +2?+2+4+1 
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There are essentially two classical types of LFSRs, the Fibonacci register and the 
Galois register. The Galois register is useful for generating the successive powers of the 
primitive element a and the state of the machine at time 7 gives the field representation 
of a’. Table II.3 is the actual output of the Galois register represented by the primitive 
polynomial f(x) = x? + 2+ 1. While the bit-stream output from both registers is identical 
at certain offsets, the Fibonacci register is computationally more efficient at producing 
the m-sequence without regard to the field representation of f(x). Figure 3 and Figure 


4 demonstrate the operation of the two registers given the primitive polynomial f(x) = 





e+e +a*taet+i. 

For the primitive polynomial f(x) = 7?+a+1, the m-sequence outputis[0 0 1 
0 1 1 1). If we take a linear shift of the m-sequence by some number of bits i and sum 
the bits of the shifted sequence to the original sequence modulo two, the result is the same 
sequence shifted by a number of bits 7. First, a labeling of the ™m-sequence is necessary to 
determine the magnitude of the shift. We label each sequence in the following fashion, 


0 oO 1 0 1 1 1 
So Si So 53 S4 Ss S6 


We next take the original sequence with a shift of one, and add each bit modulo two as 








follows. 
00101 1 41 So Si So S3 Sa Ss Se 
Oo 101 21 21 =0 5S, Sy S3 Sy Ss Se Spo 
Oo 11 41 00 =41 S3 S4, Sx Se So SS, So 


The resulting sequence is a shift of the original sequence by 3 positions. 

Shift-and-Add (SAA) pairs [4], also referred to as Cycle-and-Add pairs [1], are only 
defined for primitive polynomials and therefore allow for a method for performing addition 
within a respective field as characterized by a primitive polynomial f(x). In particular, 
SAA pairs describe two elements of the field whose sum, taken modulo two, differs only 
by x° = 1. Observe from Table II.3 that x? + x® = 1. So 2? and 2° are also SAA 
pairs and we denote this relationship by writing the exponents as an ordered pair. Thus 
(1,3), (2,6), and (4, 5) are examples of SAA pairs as seen in Table II.3. In the example of 
f(x) = 2? + x +1, we notice that f(x) is a trinomial. Primitive trinomials are desirable 
in that they give an immediate SAA pair for the field. By setting a primitive trinomial f(z) 
equal to zero, we get the first SAA pair by 
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et+xr+1=0 


e=rtl. 


Squaring both sides of the equation gives x® = (x + 1)?. By the Binomial Theorem, 
(x +1)? = 2? + 2x7 + 1. Reducing the coefficients modulo two, (x + 1)? = x? + 1 and 
thus 7° = x? + 1. Squaring once more gives 1!? = 2° = (x? +1)? = 2+ +1. Thus, 
from one SAA pair we can generate a table that defines addition within the field. If we 
wanted to know the sum, x* + x4, as a power of the primitive element, we simply perform 


the following reduction 


Thus the SAA or Zech’s Logarithm table, provides a convenient method of per- 
forming addition within GF'(2") without computing the entire multiplication and addition 
tables for f(x). Note that as the degree of the polynomial increases, the size of the field 
grows exponentially. However, the “squaring method” of finding SAA pairs only provides 
a linear growth in the number of SAA pairs immediately obtainable. Some work is required 
to compute the rest of the SAA table, but efficient algorithms provide a method of complet- 
ing this table. Since every primitive polynomial divides the polynomial representations of 


each of its SAA pairs, we can search for the next SAA pair not in our table by computing 


1+at 
f(@) 





+r = 2), The singleton remainder term x/ gives the SAA pair (i, 7). 





Consider the polynomial f(z) = 27 +23 +2?+2+1=2'+(x+1)%, we know 
from Chapter | that the first SAA pair for this polynomial is (1,87). Recall that this SAA 
pair corresponds to the trinomial x°’ + 2 + 1. Squaring the trinomial gives 714 + 2? + 1. 
Reducing the exponents modulo 127 gives the trinomial x*” + x? + 1, resulting in the SAA 
pair (2,47). So we get the first seven SAA pairs by taking (2* x 1,2" x 87) (mod 127) 
where 0 < k& < n—1. The first seven SAA pairs for f(a) are (1,87), (2,47), (4,94), 
(8,61), (16, 122), (32,117), and(64, 107). We get seven more SAA pairs by multiplying 
the original trinomial z*’ + x + 1 by x71, and performing the squaring operation again 
by taking (2” x (—1), 2" x (87 — 1)) (mod 127). The resulting SAA pairs are (126, 86), 
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(125, 45), (123, 90), (119, 53), (111, 106), (95, 85), and(63, 43). Again, we get seven more 
by multiplying by x~*” and taking (2* x (—87), 2" x (1 — 87)) (mod 127). This time, the 
resulting SAA pairs are (40, 41), (80, 82), (33, 37), (66, 74), (5, 21), (10, 42), and(20, 84). 
The first 63 SAA pairs were relatively straightforward to find, but there are still 
63 more to be found. The first integer that is not in a SAA pair is 3. To find the 7 that 
satisfies 23 + 2° + 1, we multiply 1? + 1 by x12”. We begin reducing x1°° + x2" by adding 
multiples of f(x) modulo two. Clearly x?"~' = 1 (mod (f(zx),2)), for any primitive 
polynomial f(x) with degree n, so dividing by f(x) will simply return what we began 
with. But while performing the polynomial division, there is a polynomial multiple of f(z) 
that when added to x'8° + x2", leaves a single remainder term. This singleton remainder 
results in the desired 7 that we were looking for. In this case the SAA pair is thus (3,57). 
We can perform the squaring and multiplying procedure to find the next 21 SAA pairs. 
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Hil. PASCAL POLYNOMIALS 


We continue by considering polynomials of the form f(x) = 7" + p(x), where p(x) 
is a row of Pascal’s triangle modulo two. We define polynomials of this form as Pascal 
polynomials. Since each row of Pascal’s triangle can be viewed as the coefficients in the 
expansion of (x + 1)*, any polynomial that can be represented in the form of a row of 
Pascal’s triangle plus an additional monomial term resembles a trinomial. It would be very 
nice to find a primitive polynomial of this form because we could then find an easy solution 
for the first SAA pair. 

Why do we care if p(x) is a row of Pascal’s triangle? The most obvious reason, as 
stated above, is that a Pascal polynomial of the form f(x) = x" + (x + 1)* is similar to a 
trinomial of the form g(x) = «"+a*+1. The not so obvious reason to choose polynomials 
of this form is that when f(x) = x” + (x + 1)*, f(x) has no linear factors. This allows 
us to exclude Step 3 in O’Connor’s test for irreducibility/primitivity. Any row of Pascal’s 
triangle modulo two has an even number of nonzero terms, with the outermost terms always 
being 1. Thus adding the additional x” term yields a polynomial with an odd number of 
terms, and f(z) has no solutions in the ground field GF'(2). 


Theorem III.1: Any polynomial of the form f(x) = x" + (a + 1)* has no linear 
factors over GF(2), where n > O and k > 0. 


Proof. Evaluating f(x) over the ground field, we see that 





(mod 2), and 


f(0) =0"+ O41)" =0+(1)"= 
1? (mod 2). 


ee 
eS ae Sa 























So f(x) has no linear factors, which completes the proof. 





Since we have just shown that polynomials of the form f(a) = x” + (x + 1)* have 
no linear factors over the ground field, we can exclude this step in our test for irreducibil- 
ity. This thesis investigates some specific cases of the generalized class of polynomials 
over GF(2) of the form f(x) = x” + (x* + 1)*. For now we set a = 1, giving poly- 
nomials of the form f(x) = x” + (x + 1)*. Recall that the fewer terms in a primitive 
polynomial, the fewer addition operations, and the faster we can implement the algorithm 
in hardware/software. So a polynomial with fewer terms is presumably more computation- 


ally efficient when wired up as an LFSR, thus trinomials are preferred over pentanomials 
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which are preferred over heptanomials, etc... It would be nice to know which rows of Pas- 
cal’s triangle will yield four terms, six terms, eight terms, etc... Consider the following 


theorem. 


Theorem III.2: The number of odd terms in row k of Pascal’s triangle is 2"), 
where wt (k) is the Hamming weight of k and represents the number of one’s in the binary 
expansion of k. 


Proof. Let f(x) = (x +1) = ae (") x’ be the polynomial representation of the k" row 


in Pascal’s triangle modulo two. Further, if the Hamming weight of k is wt (k) = w, we 
can write the binary representation of k as k = par 2%) where ky < ko <--> < ky. 
Then, 
(a + 1)=*o” = [] (w+ 1)” 
i=0 
=|[ (x?" +1) 


ll 
fos) 


by Theorem II.2. It is straightforward to show that any polynomial with n terms will have 
twice as many terms when multiplied by the binomial (* + 1), such that a does not equal 
any exponent in the original polynomial. Since our last equation has w binomial products, 
there are 2” number of terms in the expanded product. The resulting expanded polynomial 
must match the number of terms in the binomial expansion. So there must be 2” number 
of binomial coefficients ("), which are odd. This completes the proof. 














We now know that if & is a power of two, then by Theorem II.2, the polynomial 
f(x) = a + (x +1) = a 4+ x2" +1. A great deal is known about trinomials over 
GF‘(2), thanks to the celebrated Swan’s Theorem [5], so we focus the scope of this thesis 
to polynomials with more than three terms, namely k 4 2’. But Theorem III.2 shows that 
our Pascal polynomial yields a pentanomial if and only if the Hamming weight is two. 


Corollary II.3: The polynomial f(x) = x” + (x + 1)*, with n > k, is a pen- 
tanomial if and only if the Hamming weight of k is 2. 


Proof. Consider k = 2° + 2°, where t > s. Then, 





a+ (ety Se" + (ep)? @+ 1)” 


t Ss 
=g’+qg + q% +27 +1 











The reciprocal is trivial as the number of terms in (x + 1)" is 2") = 2? = 4, by Theorem 
If.2. This completes the proof. 
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Thus, we should focus our attention on rows of Pascal’s triangle that have a Ham- 
ming weight of two or more. Since three is the smallest number with Hamming weight 


two, let us begin our examination with row three Pascal polynomials. 


A. ROW THREE POLYNOMIALS 


We want to know when the pentanomial f(x) = 7" + x? + 2° + x + 1 is primitive 
for n > 3. In order to solve for a SAA pair, we note that if x” + (x + 1)? = 0, then 





x” = (x + 1)%. Note that a polynomial has the SAA property if and only if it is primitive. 
But having a SAA solution (i.e. x + 1 = x"/*) is not a sufficient condition for primitivity. 
So when 3|n, f(x) has a SAA solution. But we show now that f(x) of degree n = 37 is 
reducible with the factor g(x) = x? + x + 1, therefore f(x) is imprimitive and does not 


have the SAA property even though it has a SAA solution. 


Theorem III.4: Any polynomial of the form f(x) = 2°" +22 +27? +2+1is 


reducible over GF'(2). 





Proof (Induction). Let g(x) = x? + x + 1. Clearly g(x)|(x? + x + 1), so it is sufficient to 
show that g(a)|(x*" + x3). Reducing the monomial term x*” modulo g(x) modulo 2, we 
have 


tt + 382 ( 4? tat 1) + 33 (q? tat 1) = 
ot a tt ats gor! ae gor? A ger! a0 gor? es gor 3 = 


gr =F) God 2). 


3h 


We can continue this reduction until 7°” = x? (mod (g(x), 2)). Therefore g(x)|(x>”" + x?) 
and it follows that g(x)| f(a), which completes the proof. 














We next consider polynomials of an even degree where n = 2n. It is clear that 
3 { 2n unless 3]n. If f(x) is a primitive polynomial, then the root a is a cyclic generator of 
the multiplicative group with period 2” — 1 such that a?"~! = a® = 1. Therefore, we can 


multiply the equation, any number of times, by a?"~! giving 


(a+ 1)? = 7" 


~ QA 
= Gri te-1) 


= gp 2htt(2?*—1) 
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Now the exponent looks more complicated and we must determine its divisibility by three. 


Before investigating this case, we prove a useful lemma. 


Lemma IIL5: Jf ‘a’ is an even nonnegative integer, then 3 divides 2°—1. Otherwise 
if ‘a’ is odd, then 3 divides 2° + 1. 














ee Since 2 = —1 (mod 3), then 2* — 1 = (—1)* — 1 = O if ais even. Otherwise 
2° + 1= (—1)* + 1 = Oif ais odd, which completes the proof. 





So when the degree of f(a) is even, we now provide a proof that the exponent 
27 + t(2?” — 1) is not divisible by three. Thus row three polynomials of even degree can 


never have the SAA Property and are therefore imprimitive. 


Lemma III.6: For any nonnegative integers n and t where n = 2n and 3 { n, then 
it is the case that 3 { 27 + t(27” — 1). 


Proof. Lemma III.5 shows 3 | (27” — 1) so 3 | t(2?” — 1) for any choice of t € Z. Thus 
when n = 27 and 3 { n, three cannot divide 27 +t(2?” — 1) which completes the proof. 














So the degree of a row three polynomial cannot be even or a multiple of three and be 
primitive. By applying a sieve to the integers and removing those not of the form n = 2n 
or n = 3n, we observe that the remaining integers have the form n = 6n + 1 for all n € Z. 





Y\}Z/314)/5)76/7)/8]9 
11 12} 13 | 14 | 15 | 16 | 17 | 48 | 19 
DA | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 





SSS 









































Table III.1 Integers of the form 6Z + 1 


We now prove that if f(a) is a row-three polynomial with degree n = 67 + 1, then 
f(x) has a SAA solution and can be further tested for the SAA Property (i.e. primitivity) 
using the method described in Chapter II. 


pais 





Theorem III.7: When n = 67 +1, three divides 67 + 1 + t(2°"*' — 1) for some 
te 12) 


Proof 1 (Induction). Clearly 3 | 67, so when n = 67 — 1 and t = 1 we have 


ret _ i aS Care _ 2) 


By Lemma IIL5 three divides (27"—1) — 1), so three also divides (67 + 2°"-1 — 2), 


Proof 2 (Induction). Again 3 | 67, so when n = 67 + 1 and t = 2 we have 





202 = 1) Ae f= oe = 1) 
= (oreery —~ 1). 


By Lemma IIL.5 three divides (27"+) — 1), so three also divides (67% + 2°"*? — 1). Thus 
for any choice of t € {1,2}, three always divides 67 + 1 + ¢(2°"*! — 1), which completes 
the proof. 

















Combining the first and second class of row three polynomials, we obtain a gen- 





eralized class of row three polynomials of the form f(a) = x°"+! + (2 + 1)" which, if 
irreducible, potentially have an associated primitive element. Before we begin searching 
for primitive polynomials of this type, recall from the beginning of the chapter that the 
generalized Pascal polynomial has the form f(x) = x” + (x7 + 1)*. Note that our solu- 
tions for the SAA pair of row three polynomials is independent of the value of a. We use 
this concept to find multiple pentanomials for a specific value of m which we can also test 
for primitivity. Thus, we consider the most generalized row three polynomials of the form 
f(x) = 2*! + (2% + 1)* where n = 67 +1 > 3a. 


As an example, consider a row three polynomial of degree seven, where the expo- 





nent a is equal to one. This polynomial expands to the pentanomial f(x) = 27 +a? +a?+ 


x +1. We could also allow the exponent a to equal two and the resulting polynomial is 





f(x) =2'+2°+2++27 +1, which is still a pentanomial of degree 7. So for polynomials 


of degree seven, there are two pentanomials to test for primitivity. Both of these are in fact 
(n=2) 
3 





primitive. Generalizing this concept, as long as n > 3a, there are | | pentanomials 


which may be primitive. 
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B. ROW FIVE POLYNOMIALS 


The next class of polynomials we investigate are row five polynomials of the form 


f(x) = 2" + (x + 1)°. Note that five is one greater than a power of two, so the full 


expansion yields a pentanomial of the form f(r) = 2" + 2°+ 24+ 2+ 1. Again we 





examine characteristics of the degree of the polynomial. If the degree is a multiple of five, 
then f(z) is reducible. 


Theorem III.8: Given a polynomial f(x) = 7°" +(x+1)° over GF (2) andn > 1, 
f (x) is reducible with the factor g(x) =x" +x+4+1. 


Proof (Construction). 





























which completes the proof. 





Next, we consider the case where the degree of f(x) is a multiple of four. It follows 
from Fermat’s Little Theorem that when the degree of the monomial term is divisible by 


four but not by five, then the cyclic element with exponent 2*” — 1 is divisible by five. 


Lemma III.9: Given an integer n = 4h relatively prime to five, 2*" — 1 is divisible 
by five. 


Proof. By Fermat’s Little Theorem, 


(2°-") = (2*)=1 (mod 5) 
(2*)*=1 (mod 5) 
(2°) -—1=0 (mod 5), 











which completes the proof. 





So a row five polynomial is never primitive if its degree is a multiple of four or 
five. Unfortunately we are not able to say more about when these polynomials are in fact 
primitive. Some of these issues are addressed in Chapter IV. 
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C. GENERALIZED RESULTS 


Following the method described in the preceding sections, there are two main re- 
sults that can be generalized as follows. The degree of a polynomial cannot be a multiple 
of the row value k and the degree cannot be a multiple of ¢(k), where ¢ is Euler’s Totient 
function as defined in Chapter 2. In the first case the polynomial is reducible while the 
second case shows imprimitivity since f(x) has no SAA solution. We present these results 


in a consolidated theorem now. 


Theorem III.10: Given a polynomial of the form f(x) = «% + (a4 +1)* over 
GF (2), where N > K Aand K is odd, if 


(i) N = KT for any integer T > A, then f(a) is reducible with factor g(x) = x? + 
wad. 


(it) N = @(K)T for any integer T not a multiple of K, then f(x) is imprimitive. 


Proof (i). Represent K in its binary expansion K = 2™ + a@y,_12" 1 +++-+a,24 1. By 
a telescoping algorithm, begin with kK = 2” + RF so that 
kT 4 (pA 4 1)K = PtP 4 (74 4 1) O"+8) 
= RE (427 4 (pA 4 1)2") 4 a PP (gd 4 1)?" 
+ (24 +1)?" (24 +1)” 
Sg (a gt” + ted) (a + et ee 1%), 





Repeat this process on the («®? + (24 + 1)*) term for each nonzero a; coefficient until 
Ko. 


Proof (ii). Assume f(a) is a primitive polynomial of degree N = ¢(k)T, where T is 
not a multiple of K, over GF(2) with root a. Then f(a) = a% + (a4 +1)* = 0, and 
(a4 +1)*® = aNat@"-), Since K does not divide N, it is sufficient to show that if 
K divides L(2% — 1), then f(z) has no SAA solution and is never primitive. The result 
follows directly from Euler’s Theorem. Since KC is odd, K is relatively prime to 2. Thus, 


2%) =1 (mod K) 
ON — 90K)T (Qe ye =| 
ge? __1=0 (mod K) 











and K divides (2% — 1), which completes the proof. 
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IV. RESULTS AND FUTURE WORK 


We have shown that primitive polynomials of the form f(x) = x” + p(x), where 
p(x) is a certain row of Pascal’s triangle modulo 2, have restrictions on the value of n for 
a given k'” row. Although this thesis presents conditions under which a polynomial cannot 
be primitive, we have not stated anything conclusive about when a polynomial definitely is 
primitive. The data presented in Appendices C - F, demonstrates that the actual number of 
primitive polynomials to the outside solutions (n > a- k) is not nearly as dense as we had 
hoped. In fact , for a fixed row k of Pascal’s triangle, the number of primitive polynomials 
as n increases becomes very sparse. Perhaps as n grows, so too must the row of the triangle 
which we evaluate. 

Although we did not discuss “inside” solutions in Chapter 3, such a polynomial 
occurs when the degree of the monomial term is inside the expanded binomial terms such 
that n < a-k and the degree is therefore a - k (by our notation for the general form of a 
Pascal polynomial). For example, the polynomial 








is an inside polynomial and is in fact primitive. We performed a comparison of these 
polynomials to trinomials of equal degrees, with interesting results (Appendices G - H). 
The results indicate that any primitive Pascal polynomial has an identical, corresponding 
primitive trinomial. For example, if the polynomial f(x) = (z+1)* +2” is primitive, then 
the trinomial t(z) = x* + x” + 1 is also primitive. So given our example of f, above, the 
trinomial f,(x) = 2° + 2* + 1 should also be primitive, which it is. 

Our experimental result is indicative of the theoretical results obtained by Zeng , 
Han, and He in their currently unpublished paper, The parity of the number of irreducible 











factors of x'~°f (af +1)® + 1 over F, [11]. In this paper, the authors present a generaliza- 





tion of Swan’s theorem for our Pascal polynomials similar to those made in the paper by 
Fredricksen, Hales, and Sweet [6] for trinomials. It is not immediately apparent that the 
polynomials of the form x’~°! (a/+1)°+1 are equivalent to our polynomials with the form 


x” + (x* + 1)*, but they are in fact reciprocal polynomials. 


2 


One area of future work lies in further analysis of the results regarding those Pascal 
polynomials that are primitive. Is there a trend that we can depict, by graphical or other 
means, which might lend some insight into a method of predicting when a Pascal polyno- 
mial will be primitive? Given the linear nature of polynomials as LFSRs, stream ciphers 
using this technique are relatively easy to break for small degree polynomials. However, 
as the degree becomes very large, say n > 200, the sequences take an incredibly long 
time to repeat. In fact, a 200 degree polynomial with full period would take approximately 
6.22 x 10*° years to recycle with a data rate of 1 megabit/second. If we could efficiently 
find a large pool of polynomials with large degree, we could utilize portions of LFSRs with 


a reasonable level of security. 
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APPENDIX A. PROOF OF PRIMITIVE POLYNOMIAL 
ALGORITHM 


Given a polynomial f(x) of degree n over G'F'(2), such that n > 2, we know the 
period of f(x), denoted per(f(z)), is less than or equal to 2” — 1. We also know f(z) is 
primitive if the period of f(a) = 2" — 1. And we know that given two polynomials p(z) 
and q(x), the per(p(x)q(x)) = Iem(per(p(x)), per(q(x))). Armed with these facts, we are 
prepared to make and prove the following claim. 


Theorem A.1: Given a polynomial f(x) of degree n over GF (2), and x?"~! = 1 


(mod f(x)), and x? # 1 (mod f(zx)), for all d that are divisors of 2” — 1, then f(x) is 


primitive. 


Proof (Contradiction). If we know f(x) to be irreducible of degree n, we know per( f(x))|2”— 
1. So if we know that f(z) is irreducible, then the conditions x7"~' = 1 (mod f(x)) and 
x? # 1 (mod f(x)) imply that f(x) is primitive. But we don’t know that f(z) is irre- 
ducible. 

It is sufficient to show that there exists some d|2” — 1 such that x? = 1 (mod f(z)). 
Let’s assume that f(x) = g(x)h(x), where 0 < deg(g(x)) =r <n, and 0 < deg(h(x)) = 
s <n, and deg(f(x)) = deg(g(x)) + deg(h(x)) =r+s =n, and gcd(g(x), h(x)) = 1, 
and x?"-! =1 (mod f(zx)). Then per(g(x)) = e; < 2” — 1 and per(h(zx)) = eg < 2°—-1. 
So per (f(x)) = Iem(e1, e2) = e, and 


SSOP S108 SS rt 


But, since g(x)| f(x) and f(x)|x?"~! + 1, it is also the case that g(a)|x?"~1 + 1, 
which implies that e,|2” — 1. By a similar arguement, h(x)| f(z) so h(x)|x?"~+ +1, which 
implies that e2|2" — 1. Now, since e;|2" — 1 and e2|2" — 1, we know that e|2” — 1. But 
e < 2”—1, so h(x)|x° + 1 and g(x)|x° + 1 which implies that f(x)|2° + 1. Therefore 
e = 27-1 < 2”—1 and f(z) is imprimitive. Thus the contradiction which completes the 











proof. 
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APPENDIX B. SAMPLE MAGMA CODE 


This appendix is an example of the code used in Magma, an algebraic software 
package, to test values of N from 1 to 750 for a given line of Pascal’s triangle. The sample 
code below is from a third row polynomial and the code includes the two checks discovered 
in the thesis to filter values of NV. This code checks for primitivity, but could also be used 
to check for irreducibility. 











P<x> := PolynomialRing (GF (2)); 
for nan [1.700] do 
t := n mod 6; 
if t eq 1 or t eq 5 then 
max := Floor(n/3); 
n, { a: a in [l..max] | IsPrimitive(f) where f\\ 
is x°n + (x*a +1)73 }; 
end if; 
end for; 
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APPENDIX C. PRIMITIVE TRINOMIALS 


This appendix presents all primitive trinomials of degree four to 750. The trinomials 
have the form 7% +. +1. If there are multiple values in the K cell, then each choice of KX 
for the corresponding JN is a primitive trinomial. We do not list the reciprocal polynomials, 


so we only test values of / up to | “J. 


Table C.1: Primitive trinomials of degree 4 to 750. 


























































































































N K N K N K 

4 1 249 86 489 83 

=) 2 250 103 490 219 

6 1 252 67 494 137 

7 1,3 255 52, 56, 82 495 76, 89, 118, 226 
9 4 257 12, 41, 48, 51, 65 497 78, 216, 228 

10 3 258 83 503 3, 26, 248 

11 2: 263 93 505 156, 174 

15 1,4,7 265 42, 127 506 95, 135 

17 3,5,6 266 47 508 109 

18 7 268 25, 61 S11 10, 15, 31, 160, 202, 216 
20 3 270 53, 133 513 85, 175 

21 2 271 58, 70 518 33, 45 

22 1 273 23, 53, 67, 88, 92, 110, 113 519 79 

23 5,9 274 67, 99, 135 521 32, 48, 158, 168 
25 3,7. 278 5 524 167 

28 3595.13 279 5, 10, 38, 40, 41, 59, 76, 80, 125 527 47, 123, 147, 152, 198, 239 
29 2 281 93,99 529 42, 114, 157 

31 3, 6, 7, 13 282 35, 43 532 1,37: 

33 13 284 119 537 94 

35 2 286 69, 73 540 179, 211 

36 11 287 71, 116, 125 543 16, 28, 58, 203, 235 
39 4,8, 14 289 21, 36, 84 545 22 

41 3, 20 292 97 550 93 

47 5, 14, 20, 21 294 61 551 135, 240 

49 9, 12, 15,22 295 48, 112, 123, 142, 147 353 39, 57, 94, 99, 109, 255, 258 
52 3319;21 297 5, 83, 103, 122, 137 556 53 

55 24 300 7, 73,91 559 34, 70, 148, 210 
57 7, 22 302 41 561 71, 109, 155 

58 19 305 102 564 63 

60 1,11 313 79, 121 566 53 

63 1,-5;431 314 15 567 143, 275 

65 18, 32 316 135 569 77, 210 

68 9533 319 36, 52, 129 570 67 

71 6, 9, 18, 20, 35 321 31, 56, 76, 82, 155 574 13 

7 25, 28, 31 322 67 375: 146 

719 9,19 327 34, 152 577 25, 27, 231 

81 4, 16, 35 329 50, 54 582 85 
































Continued on Next Page... 


33 


Table C.1 — Continued 










































































































































































N K N K N K 

84 13 332 123 583 130 

87 13 333 2 585 121, 151, 157, 232 
89 38 337 55, 57, 135, 139, 147 588 151, 253 

93 2 342 125 590 93 

94 21 343 75, 135, 138, 159 593 86, 108, 119, 177 
95 11,17 345 22, 37, 106 594 19, 35 

97 6, 12, 33, 34 350 53 599 30, 210 

98 11,27 351 34, 55, 116, 134 601 201, 202 

00 37 353 69, 95, 138, 143, 153, 173 607 105, 147, 273 

03 9, 13, 30, 31 359 68, 117 609 31, 128, 181, 233 
05 16, 17, 37, 43, 52 362 63, 107 610 127 

06 15 364 67 615 211, 232, 238 

08 31 366 29 617 200 

11 10, 49 367 21,171 622 297 

13 9, 15, 30 369 91, 110 623 68, 87, 128, 185, 230, 251, 296, 311 
18 33,45 370 139, 183 625 133, 156 

19 8, 38 375 16, 64, 149, 182 628 223, 289 

21 18 377 41,75 631 307 

23 2: 378 43, 107 633 101, 292 

24 37 380 47 634 315 

27 1,7, 15, 30, 63 382 81 639 16, 88, 95, 179, 305 
29 5, 31, 46 383 90, 108, 135 641 11, 36, 45, 95, 287 
30 3 385 6, 24, 51, 54, 142, 159 642 119 

32 29 386 83 646 249 

34 57 390 89 647 5, 150, 215, 312 
35 11, 16, 22 391 28, 31 649 37, 73, 171, 310, 321 
37 21, 35, 57 393 7, 62,91 650 =} 

40 29 394 135 652 93,97 

42 21 396 25, 109, 169, 175 655 88, 192 

45 52, 69 399 86, 109, 181 657 38, 92, 148 

48 27 401 152, 170 658 55 

50 53 404 89 662 297 

51 3, 9, 15, 31, 39, 43, 46, 51, 63, 66, 67, 70 406 57 663 257, 307 

53 1,8 407 71, 105 665 33, 53, 144, 192, 269, 317 
59 31, 34, 40 409 87 670 153, 273 

61 18, 39, 60 412 47 671 15, 201, 243 

67 6, 35, 59, 77 415 102, 163 673 28, 183, 252, 259, 300 
69 34, 42, 57, 84 Al7 107, 113, 155 676 241, 277 

70 23 422 49 679 66, 216 

72 7 423 25 686 197 

74 13 425 12, 21, 42, 66, 111, 191 687 13, 133 

75 6, 16, 18, 57 428 05 689 14, 87, 179, 207, 336 
77 8, 22, 88 431 120, 200 692 299 

78 87 433 33, 61, 118, 153 695 212 

83 56 436 65 697 267, 310 

85 24, 41, 69 438 65 698 215, 311 

91 9, 18, 51, 71 439 49, 133, 145, 156, 171 702 37,317 

93 15, 73, 85 441 SV 127,212 705 19, 161, 194, 266, 328, 331 
94 87 446 105, 153 708 287, 301 

98 65 447 73, 83 711 92 

99 34, 67 449 134, 167 713 41, 297 
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Table C.1 — Continued 






























































N K N K N K 

201 14, 17, 59, 79 450 79 714 23,151 

202 55 455 38, 62, 74 716 183, 275 

207 43 457 16, 61, 123, 210, 217, 226 719 150, 174, 257, 299, 314 
209 6, 8, 14, 45, 47, 50, 62 458 203 721 9, 159, 256, 270, 283, 328 
212 105 460 61 722 231 

215 23, 51, 63, 77, 101 462 73 726 5, 241 

217 45, 64, 66, 82, 85 463 93, 168, 214 727 180, 217, 357 

218 11, 15, 71, 83 465 59, 103, 158 729 58, 253 

223 33, 34, 64, 70, 91 470 149, 177 730 147 

225 32, 74, 88, 97, 109 471 1, 119, 127 735 44, 89, 262 

231 26, 34 474 191, 215 737 5, 303 

233 74 476 15, 141 738 347 

234 31, 103 478 121 740 153, 317 

236 5 479 104, 105, 122, 158, 224 743 90, 144, 146, 209, 210, 239, 279, 326 
239 36, 81 481 138, 201, 231 745 258, 336, 342 

241 70 484 105 746 351 

247 82, 102 487 94, 127 
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APPENDIX D. PRIMITIVE INSIDE PASCAL POLYNOMIALS 


This appendix presents all primitive inside Pascal polynomials of degree four to 
750. The trinomials have the form (z+1)‘+a", where N > K. If there are multiple values 
in the K cell, then each choice of /K for the corresponding N is a primitive polynomial. 


We do not list the reciprocal polynomials, so we only test values of up to ea ; 


Table D.1: Primitive inside Pascal polynomials of degree 4 




















































































































to 750. 
N K N K N K 
4 1 249 86 489 83 
5 2: 250 103 490 219 
6 252 494 137 
y 1,3 255 52, 56, 82 495 76, 89, 118, 226 
9 4 257 12, 41, 48, 51, 65 497 78, 216, 228 
10 3 258 503 3, 26, 248 
11 2: 263 93 505 156, 174 
15 1,4,7 265 42, 127 506 
17 3,5,6 266 47 508 109 
18 268 25,61 511 10, 15, 31, 160, 202, 216 
20 270 513 85,175 
21 271 58, 70 518 33,45 
22 1 273 519 719 
23 5,9 274 67, 99, 135 521 32, 48, 158, 168 
25 3.7 278 5 524 167 
28 3,9, 13 279 5, 10, 38, 40, 41, 59, 76, 80, 125 527 47, 123, 147, 152, 198, 239 
29 2 281 93, 99 529 42, 114, 157 
31 3, 6,7, 13 282 532 1,37 
33 13 284 119 537 94 
35 2: 286 69, 73 540 
36 287 71, 116, 125 543 16, 28, 58, 203, 235 
39 4, 8, 14 289 21, 36, 84 545 122 
41 3, 20 292 97 550 
47 5, 14, 20, 21 294 551 135, 240 
49 9, 12, 15, 22 295 48, 112, 123, 142, 147 553 39, 57, 94, 99, 109, 255, 258 
52 3, 19, 21 297 5, 83, 103, 122, 137 556 153 
55 24 300 559 34, 70, 148, 210 
57 7,22 302 41 561 71, 109, 155 
58 19 305 102 564 
60 313 79,121 566 153 
63 314 15 567 
65 18, 32 316 135 569 77, 210 
68 9, 33 319 36, 52, 129 570 
71 6, 9, 18, 20, 35 321 31, 56, 76, 82, 155 574 13 
73 25, 28, 31 322 67 575 146 
719 9,19 327 34, 152 577 25, 27, 231 
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Table D.1 — Continued 



















































































































































































N K N K N K 

81 4, 16, 35 329 50, 54 582 

84 332 123 583 130 

87 13 333 2 585 121, 151, 157, 232 
89 38 337 55, 57, 135, 139, 147 588 

93 iD 342 590 93 

94 21 343 75, 135, 138, 159 593 86, 108, 119, 177 
95 11,17 345 22, 37, 106 594 

97 6, 12, 33, 34 350 53 599 30, 210 

98 11,27 351 34, 55, 116, 134 601 201, 202 

00 353 69, 95, 138, 143, 153, 173 607 105, 147, 273 
03 9, 13, 30, 31 359 68, 117 609 

05 362 63, 107 610 127 

06 15 364 67 615 211, 232, 238 

08 366 617 200 

11 10, 49 367 PA Paley A 622 297 

13 9, 15, 30 369 91, 110 623 68, 87, 128, 185, 230, 251, 296, 311 
18 33,45 370 139, 183 625 133, 156 

19 8, 38 375 16, 64, 149, 182 628 223, 289 

21 18 377 41,75 631 307 

23 2 378 633 101, 292 

24 37 380 634 315 

27 1,7, 15, 30, 63 382 81 639 16, 88, 95, 179, 305 
29 5, 31, 46 383 90, 108, 135 641 11, 36, 45, 95, 287 
30 3 385 6, 24, 51, 54, 142, 159 642 

32 386 83 646 249 

34 57 390 647 5, 150, 215, 312 
35 11, 16, 22 391 28, 31 649 37, 73, 171, 310, 321 
37 21535357. 393 7, 62, 91 650 3 

40 394 135 652 93,97 

42 21 396 655 88, 192 

45 52, 69 399 657 

48 27 401 152, 170 658 55 

50 404 89 662 297 

51 3, 9, 15, 31, 39, 43, 46, 51, 63, 66, 67, 70 406 57 663 257, 307 

53 1,8 407 71, 105 665 33, 53, 144, 192, 269, 317 
59 31, 34, 40 409 87 670 153, 273 

61 18, 39, 60 412 47 671 15, 201, 243 

67 6, 35, 59, 77 415 102, 163 673 28, 183, 252, 259, 300 
69 34, 42, 57, 84 AIT 107, 113, 155 676 241, 277 

70 23 422 49 679 66, 216 

72 7 423 25 686 197 

74 425 12, 21, 42, 66, 111, 191 687 13, 133 

75 6, 16, 18, 57 428 05 689 14, 87, 179, 207, 336 
77 8, 22, 88 431 120, 200 692 299 

78 87 433 33, 61, 118, 153 695 212 

83 56 436 65 697 267, 310 

85 24, 41, 69 438 698 215, 311 

91 9, 18, 51,71 439 49, 133, 145, 156, 171 702 

93 15, 73, 85 441 705 19, 161, 194, 266, 328, 331 
94 87 446 105, 153 708 

98 447 73, 83 711 92 
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Table D.1 — Continued 

































































N K N K N K 

199 34, 67 449 134, 167 713 41, 297 

201 14, 17, 59, 79 450 714 

202 55 455 38, 62, 74 716 183, 275 

207 43 457 16, 61, 123, 210, 217, 226 719 150, 174, 257, 299, 314 
209 6, 8, 14, 45, 47, 50, 62 458 203 721 9, 159, 256, 270, 283, 328 
212 105 460 722 231 

215 23, 51, 63, 77, 101 462 726 

217 45, 64, 66, 82, 85 463 93, 168, 214 727 180, 217, 357 

218 11, 15, 71, 83 465 729 58, 253 

223 33, 34, 64, 70, 91 470 149, 177 730 147 

225 32, 74, 88, 97, 109 471 1, 119, 127 735 

231 474 737 5, 303 

233 74 476 15, 141 738 

234 478 121 740 

236 5 479 104, 105, 122, 158, 224 743 90, 144, 146, 209, 210, 239, 279, 326 
239 36, 81 481 138, 201, 231 745 258, 336, 342 

241 70 484 105 746 351 

247 82, 102 487 94, 127 
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APPENDIX E. PRIMITIVE ROW THREE PASCAL 
POLYNOMIALS 


This appendix presents all primitive row three Pascal polynomials of degree four to 
750. The polynomials have the form x% + (x4 + 1)°. If there are multiple values in the A 


cell, then each choice of A for the corresponding N is a primitive polynomial. 


Table E.1: Primitive row three Pascal polynomials of degree 




















































































































4 to 750. 

N A N A N A 

5 1 217 15, 22, 44, 45, 51 463 31, 56, 83 

fi 1,2 233 11, 44, 51, 53, 63 479 35, 85, 107, 119, 125 
Hl 3 233 53 481 46, 67,77 

7 1,2,4 239 12,27 487 120, 131 

B 3,6 241 57 497 26, 72, 16 

25 1,6 247 34, 55 503 1, 85, 159 

29 9 257 4, 16, 17, 64, 72 505 52, 58 

31 1,2,6,8 263 31 511 5, 72, 103, 117, 160, 167 
35 TI 265 14, 46 521 16, 56, 121, 163 

4 17 271 67, 71 527 41, 49, 66, 96, 125, 160 
47 7,9, 11, 14 281 31, 33 529 14, 38, 124 

49 3, 4, 5,9 287 54, 57, 72 545 141 

55 8 289 7, 12, 28 551 45, 80 

65 6, 11 295 16, 41, 49, 51, 61 553 13, 19, 33, 85, 86, 148, 153 
7 2, 3, 6, 12, 17 305 34 559 70, 137, 163, 175 

B 14, 15, 16 313 64, 78 569 70, 164 

79 3, 20 319 12, 43, 89 575 143 

89 7 329 18, 93 571 9, 77, 184 

95 26, 28 337 19, 45, 49, 66, 94 583 151 

97 2,4, 11,21 343 25, 45, 46, 53 593 36, 59, 158, 169 
103 3, 10, 24, 30 353 | 23, 46,51, 60, 70,86 || 599 10, 70 
113 3, 5, 10 359 39, 97 601 67, 133 
119 27, 37 367 7,57 607 35, 49, 91 
121 6 377 25, 112 617 139 
127 5, 10, 21, 40, 42 383 30, 36, 45 623 | 29, 104, 109, 124, 131, 146, 165, 185 
137 7, 19, 34 385 2, 8, 17, 18, 53, 81 625 52, 164 
145 23,31 301 120, 121 631 108 
151 | 1,3,5, 13,17, 21, 22, 27, 28, 35, 36,40 || 401 77, 83 641 12, 15, 118, 182, 210 
161 6, 1 3, 20 407 35, 112 647 50, 104, 144, 214 
167 2, 30, 36, 44 409 29 649 57, 107, 113, 192, 204 
169 14, 19, 28, 45 415 34, 84 655 64, 189 
175 2, 6, 19, 53 425 | 4,7, 14, 22, 37, 78 665 11, 48, 64, 116, 132, 204 
185 8, 23, 48 431 40, 77 671 5, 67, 81 
191 3, 6, 17, 40 433 11, 51, 105, 124 673 61, 84, 100, 138, 215 
193 5, 36, 40 439 | 52,57, 98, 102,130 || 679 22,72 
199 44, 55 449 04, 105 689 29, 69, 112, 170, 225 
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Table E.1 — Continued 




















A N A 
2, 15, 49, 53, 54, 65, 67 455 127, 131, 139 
17, 21, 38, 46, 64 457 | 41,70, 77, 80, 132, 147 
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APPENDIX F. PRIMITIVE ROW FIVE PASCAL POLYNOMIALS 


This appendix presents all primitive row five Pascal polynomials of degree six to 
750. The polynomials have the form 2 + (a+ 1)°. If there are multiple values in the A 


cell, then each choice of A for the corresponding N is a primitive polynomial. 


Table F.1: Primitive row five Pascal polynomials of degree 6 


















































































































































to 750. 

N A N A N A 

6 1 258 35 471 94 

9 1 263 34 474 B 

7 1 271 14 479 | 21, 51,75 
B 1 273 | 22, 32,37, 44,50 || 481 50, 56 

31 5 274 27, 35 487 72 

33 4 278 1 503 51, 100 
39 5,7 279 | 1, 2,8, 16,25, 44 || 506 19, 27 

4 4 282 7 511 | 2,3, 32,59, 96 
a7 14 287 25 513 17,35 

49 3, 8 289 41 518 9,97 

57 7,10 297 1, 32, 35 519 88 

63 1 314 3 527 | 75, 76, 96 
71 4,7, 13 319 38 529 83 

B 5,9 321 | 31, 49,53,58 || 543 | 47, 68,97, 103 
79 12, 14 322 51 551 27, 48 

81 7, 1B 327 35 553 51, 59 

97 7 329 10, 55 559 | 14, 42, 105 
103 6, 18 337 | 11, 27,38,56 || 561 31,98 
106 3 342 25 567 55 
1 2 343 15, 27, 41 569 42 
113 3,6 351 1,47 377 5, 110 
118 9,17 353 | 19, 36, 40, 42,43 || 582 7 
127 3, 6, 24 362 51 583 26 
129 1 369 22 593 97 
137 7, 16 377 15 504 7,115 
151 | 3, 14, 17, 20, 21, 24 || 378 67 599 6, 42 
153 29 383 18, 27, 55 601 80 
159 8, 25 3901 72 607 21, 92 
161 12 304 W 617 40 
167 7, 18 399 58 622 65 
169 17,27 401 34 623 | 37,46, 99, 111 
77 31 407 oy 634 63 
191 24, 28 417 31, 62 639 19, 61, 92 
193 3, 17,24 423 5 641 | 9, 19, 121, 126 
198 B 21 24, 40 647 | 1, 30, 43, 67 
199 33 433 56, 63, 80 649 62 
202 Tl 438 1B 657 113 
209 9, 10, 39 439 29, 78 658 i 
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Table F.1 — Continued 
































N A N A N A 

217 9,-17,.27 441 82 662 73 
218 3,27 446 21 671 3, 94 
223 14, 38 449 63 673 60, 98, 129 
231 41 457 42, 48 689 102, 135 
241 14 458 51 697 62, 86 
247 29, 33 463 59, 74 698 43 
257 13, 49 
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APPENDIX G. PRIMITIVE ROW SEVEN PASCAL 
POLYNOMIALS 


This appendix presents all primitive row seven Pascal polynomials of degree eight 
to 750. The polynomials have the form x“ + (x4 + 1)". If there are multiple values in the 


A cell, then each choice of A for the corresponding N is a primitive polynomial. 


Table G.1: Primitive row seven Pascal polynomials of degree 












































































































































8 to 750. 
N A N A N A 
10 1 239 29 457 | 30, 31, 33, 63 
7 2 241 10 458 29 
22 3 250 21 460 57 
23 2 257 35 463 24 
25 1 265 6 478 51 
31 1,4 71 10 479 | 15,32, 51 
41 3 274 25 481 | 33,40, 49 
47 23,6 278 39 484 15 
52 3,7 281 26 494 51 
68 5 284 7 506 533 
7 5 286 31 508 57 
B 4,6 289 | 3,12 || 521 24 
79 10 295 | 16,21 || 524 51 
94 3 305 29 527 21, 47 
95 12 337 | 21,40 || 529 6 
97 9, 13 353 30 550 51 
100 9 362 9 559 | 10, 30,75 
106 B 367 | 3,28 || 566 59 
113 14 370 33 569 11, 30 
127 1,9, 16, 18 377 48 577 33 
134 ir 382 43 590 71 
137 3,5 391 4 593 17 
142 3 304 37 599 30 
151 | 9,10, 12, 15,16 || 401 33 601 57 
167 5, 11, 23 404 2 607 | 15, 21,39 
169 6, 12, 16 407 | 15,48 || 610 69 
170 21 409 46 625 19, 67 
172 1 412 21 634 45 
178 13 415 36 641 | 41, 78,90 
185 23 422 39 647 Tl 
191 20, 26 425 | 3,6,59 || 655 81 
202 21 428 15 670 39 
209 2, 21, 29 Bl 33 673 | 4, 36, 37,70 
212 15 433 | 40,45 || 676 57 
215 9,11 439 | 7,19,42 || 689 | 2,48, 86 
218 21, 29 446 15 695 69 
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Table G.1 — Continued 

















N A N A N A 
223 10, 13, 27 449 45 698 69 
236 33 
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APPENDIX H. PRIMITIVE ROW NINE PASCAL POLYNOMIALS 


This appendix presents all primitive row nine Pascal polynomials of degree ten to 
750. The polynomials have the form «* + (a+ 1)%. If there are multiple values in the A 


cell, then each choice of A for the corresponding N is a primitive polynomial. 


Table H.1: Primitive row nine Pascal polynomials of degree 














































































































10 to 750. 

N A N A N A 

11 1 209 5, 18 439 19, 34 
23 1,2 215 7 449 35 
25 2 217 5, 15, 17 457 44, 49 
29 3 223 17, 21 487 40 
31 2 239 4,9 497 24 
47 3 241 19 503 53 
49 1,3 257 24 S11 24, 39 
65 2 281 11 527 22, 32 
71 1,2,4 287 | 18,19, 24 || 545 47 
73 5 289 4 551 15 
719 1 295 17 553 11,51 
97 7 313 26 S77 3 
103 1, 8, 10 319 4 593 12 
113 1 329 6, 31 623 55 
119 9 337 15, 22 631 36 
121 2 343 15 641 4,5, 70 
127 7, 14 353 17, 20 647 48 
151 | 1, 7,9, 12 359 13 649 | 19, 64, 68 
161 2 367 19 655 63 
167 10, 12 383 | 10, 12, 15 665 | 16, 44, 68 
169 15 385 6, 27 671 27 
175 2 391 40 673 28, 46 
185 16 415 28 679 24 
191 1,2 425 26 689 23,75 
193 12 433 17, 35 697 43 
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APPENDIX I. PRIMITIVE ROW ELEVEN PASCAL 
POLYNOMIALS 


This appendix presents all primitive row eleven Pascal polynomials of degree twelve 
to 750. The polynomials have the form 2% + (24+ 1)". If there are multiple values in the 


A cell, then each choice of A for the corresponding N is a primitive polynomial. 


Table I.1: Primitive row eleven Pascal polynomials of degree 








































































































12 to 750. 
N A N N A 
15 1 215 7 447 34 
17 1 217 6, 12 457 21, 36 
18 1 218 1 471 32 
25 2 223 3, 12 478 11 
35 3 225 8 479 34 
36 1 236 21 481 21 
47 3 247 15 518 3, 43 
49 2 257 19 519 40 
52 3 273 | 8, 10,20 |} 521 33, 43 
57 2 274 9 527 18 
65 3 279 14, 20 532 45 
68 3 281 9 543 28 
81 7 284 15 553 9 
95 1 289 23 567 13, 25 
97 3 313 11 569 7 
98 1 329 25 574 51 
105 8 332 19 575 39 
108 7 337 5, 18 S77 21,50 
118 3 345 2, 28 585 11 
123 11 351 5 588 23 
134 7 353 13 622 27 
135, 1,.2 359 22 623 45 
142 11 364 27 633 31 
148 11 369 10 634 29 
151 6,8 383 25 639 
161 13 391 33 641 1,55 
167 | 7,12 401 21 655 
172 15 425 6 658 5 
177 2,8 431 21 662 27 
199 | 12,15 433 3 665 | 3, 36, 43 
201 17 436 15 679 6 
202 5 446 31 
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